node-sp-auth icon indicating copy to clipboard operation
node-sp-auth copied to clipboard

Published 20 hours ago verified publisher icon s-KaiNet

Crash in OnpremiseUserCredentials

Open wmertens opened this issue 7 years ago • 2 comments
trafficstars

If the server returns an error, sometimes it doesn't send the authentication header. Here's an example response that triggers a crash in https://github.com/s-KaiNet/node-sp-auth/blob/master/src/auth/resolvers/OnpremiseUserCredentials.ts#L56

{
  "statusCode": 400,
  "body": "The length of the URL for this request exceeds the configured maxUrlLength value.",
  "headers": {
    "server": "Microsoft-IIS/8.5",
    "sprequestguid": "9f0c959e-449b-809b-6dd5-552e75b53cfc",
    "request-id": "9f0c959e-449b-809b-6dd5-552e75b53cfc",
    "x-frame-options": "SAMEORIGIN",
    "x-powered-by": "ASP.NET",
    "microsoftsharepointteamservices": "15.0.0.4841",
    "x-content-type-options": "nosniff",
    "x-ms-invokeapp": "1; RequireReadOnly",
    "date": "Thu, 04 Oct 2018 10:26:16 GMT",
    "content-length": "81"
  },
}

wmertens avatar Oct 04 '18 10:10 wmertens

Could you please elaborate?
From my understanding, if a server returns an error during the authentication phase, the process should be aborted.

s-KaiNet avatar Oct 04 '18 10:10 s-KaiNet

Actually the problem is that the authentication header is missing in this response, and that will make the header parser throw an error, and then the original http error is gone.

I had to do some deep debugging to see that my url was too long...

wmertens avatar Oct 04 '18 11:10 wmertens